System and method for securing machine-to-machine communications

Abstract

This invention concerns the implementation of end-to-end security for the communication between objects in the domain of the Internet of Things (or Internet of Objects). The purpose of the patent is dealing with the setup of secure authorized information channel between data source (M2M device) and data consumers (consumer entity). According to the present invention, the access to a M2M device by a consumer entity (consumer application) is controlled by a M2M authorization server. The M2M authorization server is the entity in charge of managing access rights for the M2M device and makes the decision regarding the access to the resource by the consumer entity (consumer application). The M2M server is an entity that enforces the decision and enables the access to the M2M device. When a consumer application needs to communicate with a M2M device, the present invention proposes a method for authorizing a consumer application to access a M2M device and for encrypting the communication between the consumer application and the M2M device. The M2M authorization server computes security credentials which are sent to the consumer application.

Description

TECHNICAL FIELD[0001]The present invention generally relates to systems and methods for securing communications in the Internet of Things.[0002]Particularly, the present invention relates to a method and system for securing access to resources in the Internet of things.BACKGROUND ART[0003]Many new applications have begun to emerge with the expanding deployment of cellular network infrastructure. The machine-to-machine (M2M) market is one specific segment that has gained considerable widespread usage. This fast-growing market is predicted to see billions of machines interconnected in a near future.[0004]A typical M2M system comprises a M2M device, an M2M server, a network part (including logical function entities such as a network element of an access network, a network element of a core network, . . . ). The M2M server stores related data information of M2M devices or groups for providing M2M services. For example, the M2M device is a water or electricity meters, and the M2M server ...

AI Technical Summary

Benefits of technology

[0034]With the present invention, only authorized consumer applications are entitled to securely access the M2M server for Policy Enforcement and the M2M device for data encryption. The M2M server and M2M Device do not encompass any user information but delegate user management and access control to external M2M authorization server. The M2M server and M2M Device ...

Problems solved by technology

M2M devices differ from other ordinary network subscribers primarily with respect to data usage; M2M devices typically are not flexibly accessed or programmed; and their software is not written to operate with the wide variety of services that a human subscriber can handle.

A drawback to the aforementioned M2M architecture is that there are several potential security risks.

Indee...

Images